all InfoSec news
AWS/S3 Subdomain Takeover
Jan. 25, 2024, 9:29 a.m. | Scott Lindh
InfoSec Write-ups - Medium infosecwriteups.com
Write up about how I successfully took over the subdomain of an AWS/S3 bucket.
A Subdomain takeover is a cybersecurity vulnerability where attackers exploit abandoned or misconfigured subdomains, gaining unauthorized control. This can lead to malicious activities such as phishing, malware distribution, and defacement.This 404 suggests something interesting and that is that “No such Bucket” exists…..These are the steps I took to successfully take over this subdomain and link it to my own AWS bucket
- Enumerate subdomains using a …
attackers aws bug bounty bug-bounty-tips can control cybersecurity defacement distribution exploit hacking hacking tools malicious malware malware distribution misconfigured pentesting phishing s3 bucket subdomain subdomains subdomain takeover takeover unauthorized vulnerability
More from infosecwriteups.com / InfoSec Write-ups - Medium
Private Interact.sh server setup with a web dashboard
1 day, 13 hours ago |
infosecwriteups.com
Hack Stories: Hacking Hackers EP:3
3 days, 13 hours ago |
infosecwriteups.com
Mastering Shodan Search Engine
4 days, 14 hours ago |
infosecwriteups.com
Email Verification Bypass via Remember Me
4 days, 14 hours ago |
infosecwriteups.com
Typo Trouble: Exploring the Telegram Python RCE Vulnerability
4 days, 14 hours ago |
infosecwriteups.com
Active DNS Recon using AXIOM
4 days, 14 hours ago |
infosecwriteups.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Senior Security Researcher, SIEM
@ Huntress | Remote Canada
Senior Application Security Engineer
@ Revinate | San Francisco Bay Area
Cyber Security Manager
@ American Express Global Business Travel | United States - New York - Virtual Location
Incident Responder Intern
@ Bentley Systems | Remote, PA, US
SC2024-003533 Senior Online Vulnerability Assessment Analyst (CTS) - THU 9 May
@ EMW, Inc. | Mons, Wallonia, Belgium